Dynamic Authorization VDSK1 Values?

Hello,
I was wondering if there is a way i can get some of the authorization values (e.g. org unit in HR) dynamically without specifically giving these values in the authorization Object P_ORIGIN, vield VDSK1?
there is a lot of users with different access depending on their org key, and it is not reasonable to create 30 or 50 roles just for them to be able to access system ?
I hope there is a solution for this. thank you all in advance.
regards,
Mo A

Thanks,
but could you tell me how ? This is first time i read bout structural authorization and i read a document on how to use it but it seems there is something missing which is giving that "Failed HR Structure Authorization".
what i did is as follows and if there is something missing or done wrong please comment on that:
1. Maintain structural authorization profile in view T77PR
2. Assign structure authorization profile to user in view T77UA.
thats all i did ? is there more steps or configuration to be done beside the above 2 steps, please advise ?
Regards,
Mo A

Similar Messages

  • How can we use C# to read dynamic parameter's value list from .rpt?

    I'm using Cystal Report 2008. We know starting from CR XI we can create dynamic parameters, the list of items of this kind of parameter are fetching from database. So in general the SQLs to get the list of values for dynamic parameters are stored in the .rpt.
    In Crystal Report Designer, if I preview a report with dynamic parameters, it will first query the database and then show the input dialog with list of values from database for user to choose. My question is can we implement the same thing by our C# code? I'm planning to use C# code to read this dynamic parameter's value list from .rpt and render them on the web page. Then pass back the user selected values to the .rpt to run the report after user make the choice. I didn't find any APIs can do this. Is it possible?
    Thanks in advance!!

    Hi,
    Can you explain a bit in detail, I have similar scenario. I am using the following code but not getting the Column name for dynamic parameter list.
    foreach (ParameterFieldDefinition prm
                              in reportDocument.DataDefinition.ParameterFields)
                    try
                        string vParameterFieldName;                   
                        *vParameterFieldName = prm.ParameterFieldName.ToString();*
    Shakeel

  • Dynamic list of values in CR 2008 - request of login to database

    I am using CR2008 with VB2005. I created simple application which generate report on different SQL Server 2005 databases.
    Report uses OLE.DB connection to SQL Server, I pass logon information in VB using "SA" username and password. The same simple report works great on different databases with one exception: if parameter (dynamic list of values) is used in report it runs correctly only on database it was created (connection to this database is saved in report and can be seen in Database->Set Datasource Location). Changing connection to other databases in VB during runtime causes CR to ask for username and password (in standard parameter window). It looks, like Crystal have one connection for report and the other for dynamic list of values parameter. I pass connection information to report using ConnectionInfo(). I loop through alll tables in report and apply connection:            
    For Each crTable In crTables
                    crTableLogOnInfo = crTable.LogOnInfo
                    crTableLogOnInfo.ConnectionInfo = crConnectionInfo
                    crTable.ApplyLogOnInfo(crTableLogOnInfo)
    Next
    I tried to pass connection information also to parameter but I couldn't find such possibility.

    This is a known issue (Tracking number is ADAPT01333806.) and a note has been written,  unfortunately it is not yet published. Below is the note content, including a work-around / resolution. You may also want to try FP 2.3, see that helps. (I'll break this post into two as I'll loose the formatting if I don't.
    Reproducing the Issue
    Use Crystal Reports 2008 SP2 to create a report with dynamic parameter(s)
    Use the following code from the Crystal Reports SDK for VS .NET
    Dim crDatabase As Database
    Dim crTables As TablesDim crTable As Table
    Dim crTableLogOnInfo As TableLogOnInfo
    Dim crConnectionInfo As ConnectionInfo 
    crReportDocument.Load("<path>")
    crReportDocument.Refresh()
    crConnectionInfo = New ConnectionInfo()
    With crConnectionInfo   
         .ServerName = "<New Server Name>"   
          .Password = "<password>"
    End With
    crDatabase = crReportDocument,Database
    crTables = crDatabase.Tables
    For Each crTable In crTables     
         crTableLogOnInfo = crTable.LogOnInfo     
         crTableLogOnInfo.ConnectionInfo = crConnectionInfo     
         crTable.ApplyLogOnInfo(crTableLogOnInfo)
    Next
    CrystalReportViewer1.ReportSource = crReportDocument
    The above code works with Crystal Reports 2008 SP 1

  • ISE 1.2 - Dynamic Authorization Failed

    Hello!
    In my design network I use the ISE for CWA with a WLC, but when a client entrer his credentials, the CoA failed with this error : "11213 No response received from Network Access Device after sending a Dynamic Authorization request"
    This error is really strange because I can contact the ISE from the WLC. My ISE, and my broadcasted network are in the same VLAN, is it possible that this error come from this network architecture?
    My is is patched with the cumulative patch 7 and for information, I can do a "manual CoA" by disconnect/reconnect the client manually and after that the client has a network access.
    Used configuration for ISE and WLC : http://www.cisco.com/c/en/us/support/docs/security/identity-services-engine/116087-configure-cwa-wlc-ise-00.html
    Thanks in advance if you have the least clue to resolve this issue.
    Kévin

    I will perform some additional testing and let you know my results.  I have this setup in the lab now with ISE 1.2 Patch 7 as well.... Since I only have a couple of PC's in the lab, I've noticed that I am unable to terminate the users session manually.  So I usually end up stopping and restarting the services. This is how i clear my live sessions.
    Is your setup in a Lab or Production?  If its in a lab can you restart ISE and your WLC.   I know when I first did my "debug client <mac>" My airespace ACL was showing the incorrect ACL ID.  After a reboot of ISE and recreating my WLC ACL it went away.   I haven't noticed my service IP ever showing up in ISE.  I usually see the users MAC address then a [email protected] "User Authentication" with his IP.  Next its the WLC MNGT Interface and finally the User Authorization again show Authz Internet-Only.
    My lab does not always function 100% so I am hoping after we go Live this weekend,  these flaky issues go away.  One of my problems is I don't have internet access.  Just a web server hosting a web page. I'll keep notes on anything I find that hopefully assist you.

  • How to generate controls dynamically based on value stored in database using mvc4?

    In my database, i have a field called control_ids corresponding to  text box, dropdownlist, radiobuttonlist etc. My goal is to
    create controls dynamically based on value of control_id-field in table. Anybody please help me how to create the controls dynamically in MVC 4 for this scenario.

    In your view you could do something like that:
    foreach (var field in Model.FormStruture.fields)
    <div class="editor-label">
    <label for="@field.Name">@field.Descricao</label>
    </div>
    <div class="editor-field">
    <input class="text-box single-line" id="@field.Name" name="@field.Name" type="text" value="@field.Valor" data-rules-required="@field.Mandatory.ToString().ToLower()" data-rule-number="@field.Tipo.Equals(SiB.OCR.Documentos.Modelo.TipofieldDocumento.Numerico).ToString().ToLower()" title="@field.Descricao" />
    </div>
    if (!String.IsNullOrEmpty(field.Format))
    @:<script type="text/javascript">$("[email protected]").mask("@field.Format");</script>

  • Howto pass dynamic jsp:param value to applet

    Hi.
    I have a JSP page with 3 to 4 links... and an applet with jsp:plugin .
    So i want to pass the URL behind the link to the applet as a Request Param..
    My JSP code looks like
    <a link href="www.google.com">Google</a>
    <a link href="www.oracle.com">Oracle</a>
    <a link href="www.gmail.com">Gmail</a>
    <jsp:plugin type="applet"
                                code="MyApplet"
                                height="0" codebase="../../jars/" width="0"
                                name="MyApplet"
                                align="bottom">
                            <jsp:params>
                                    <jsp:param name="applicationURL"
                                               value="this should be the "/>
                            </jsp:params>
                            <jsp:fallback>
                                    <p>This feature should run on applet supported
                                       browser.</p>
                            </jsp:fallback>
                    </jsp:plugin>and my applet code looks like
    init()
              String appURL = getParameter("applicationURL");
                    System.out.println(appURL);
              }I have a similar thread in Java forums... Howto pass dynamic jsp:param value to applet
    Thanks,
    Murali.

    My JSP code looks like
    <jsp:plugin type="applet"
                                code="MyApplet"
                                height="0" codebase="../../jars/" width="0"
                                name="MyApplet"
                                align="bottom">
                            <jsp:params>
                                    <jsp:param name="applicationURL"
                                               value="applicationURL"/>
                            </jsp:params>
                            <jsp:fallback>
                                    <p>This feature should run on applet supported
                                       browser.</p>
                            </jsp:fallback>
                    </jsp:plugin>and my applet code looks like
    init()
              String appURL = getParameter("applicationURL");
                    System.out.println(appURL);
              }Now i want to have links on JSP pages clicking on which corresponsing url will be displayed in applet.
    Edited by: 635237 on Jan 24, 2011 10:44 AM
    Edited by: 635237 on Jan 24, 2011 10:45 AM

  • Can I create  a multi-selection list using a dynamic list of values?

    I'm reading section 19.7.3 from the dev guide - it explains how to create a selectOneListbox using a dynamic list of values. Is it possible to create a multi-select listbox from a dynamic list of values?
    What I would like to do - I have a read-only view object with a hard-coded query - I would like to display the results of the query in a dropdown list box, or dropdown list box with boolean checkboxes, to allow the user to select multiple items from the list. How can I accomplish this?
    thanks

    Hi JavaX,
    I don't know of any JSF components (at least not any ADF Faces components) that lets you do multiple selection in a drop-down. There is an af:selectManyListbox, but it does not render as a drop-down.
    John

  • Dynamic cell associated value as query string parameter in custom hyperlink property of KPI of scorecard in PPS SP2013

    Can we pass dynamic cell associated value [of scorecard] as query string parameter in custom hyperlink property of KPI of scorecard in PPS SP2013 , so that we can pass those values to another page 
    How to get those cell associated values and set these dynamic value as query string parameter in custom hyperlink property of KPI of scorecard in performance point services in sharepoint 2013

     I could somehow link to the table name, but that can be changed...  Any ideas?
    Not sure if this will help or not but maybe a little from several areas might point you in the right direction.
    If you are concerned about users changing the table name then you can define a name to reference the table and then if the user changes the table name then the Refers to automatically changes to the new table reference but your defined name remains the same.
    However, if users want to break a system even when you think you have it bullet proof the users come along with armour piercing bullets.
    Example:
    Insert a table (say Table1)
    Go to Define a name and insert a name of choice (eg.  ForMyTab1)
    Then click the icon at the right of the Refers to field and select the entire table including the column headers and it will automatically insert something like the following in the Refers to field.
    =Table1[#All]
    Now if a user changes the table name then Table1 will also automatically change.
    Example code to to reference the table in VBA.
    Sub Test()
        Dim wsSht1 As Worksheet
        Dim lstObj1 As ListObject
        Set wsSht1 = Worksheets("Sheet1")
        Set lstObj1 = wsSht1.ListObjects(Range("ForMyTab1").ListObject.Name)
        MsgBox lstObj1.Name
    End Sub
    Regards, OssieMac

  • Dynamically setting the values for the Adapter Configuration in BPEL

    We are configuring the JMS adapter to put into an MQ topic. For this we are giving all the values for the configuration parameters like
    Factory Properties.
    JMS connection Factory
    Transacted
    Destination Type
    Username
    Password
    Destination Name, etc...
    and we are able to produce message on the MQ.
    Our requirement is to dynamically pass the values for the above parameters from some configuraion files(other than oc4j-ra.xml), which will have value for each obove parameters.
    Any help on this is highly appreciated.
    Regards,
    Suman

    Re: JMS Properties setup
    this thread will explain how to do it.

  • ISE Alarm (WARNING): Dynamic Authorization Failed for Device

    Hi all,
    I am posting this discussion as previous posts that I have found in this forum have never been resolved or the resolution is not applicable to me.
    I am using ISE 1.1.1.268 and WLC 7.2.111.3 and NAC agent version 4.9.1.6 on Windows 7 Client machines.
    About once a day i get the error "ISE Alarm (WARNING): Dynamic Authorization Failed for Device".
    The device it is reffering to is my NAD, a WLC 5508 running 7.2.111.3
    I have looked at the logs and I cannot see anything in the logs which correcponds to this message so that I can troubleshoot further. Maybe I can if I am enabling the correct logging level on the correct ISE component.
    Can someone suggest the components and the logging level that I should set to get some more detail about this error?
    At the moment, I have only set debug logging on Active Directory. I have TRACE logging set on Posture, Runtime AAA & prrt-JNI.
    I do not want to enable too much debug logs, so I was wondering whether anyone can help with a specific element that I should be debugging.
    I thought debugging the posture element would be enough but when I look at the logs there is nothing there that relates to this message.
    Can anyone help?
    thanks
    Mario

    Firstly, I wouldn't run a production deployment of ISE on 1.1.1.... 1.1.3 Patch 1 or 1.1.4 is the way to go.
    Secondly, this error happen a lot, especially with Wireless, and it's not worth worrying about.  I've had a couple of TAC cases opened for this and some similar errors, generally they're caused by a Client going to sleep, leaving the coverage area or otherwise leaving the WLC while ISE is trying to do something with it.
    Only worry if you actually have a Client-impacting problem, which by the sounds of it, you don't.

  • ISE: Dynamic Authorization Failed

    Hi,
    I am gettning warning messages in ISE saying
    Cause:
    Dynamic Authorization Failed for Device: 0002SWC003 (switch)
    Details:
    Dynamic Authorization Failed
    It is not only on that switch but on all switches I have configured. I am using 3560 IPBase 12.2(55)SE6. I have configured them according to Trustsec 2.1.
    My end devices are none-802.1x.
    I can't figure out what is causing this error.
    The thing is that I have not experienced any problem. In Live Authentications there are some 'Unknown' and 'Profiled' devices hitting the DenyAccess rule, but other then that everying is beeing Authorized fine.
    Anyone got an idea what could be causing this error?
    Regards,
    Philip

    This is what I have found out.. Using ISE Version 1.1.1.268. If you go the logs page
    Jan 10,13 7:39:12.147 AM
    Dynamic Authorization failed
    and then go to the details...
    Failure Reason > Authentication Failure Code Lookup
    Failure Reason :
    11213 No response received from Network Access Device
    Generated on:January 10, 2013 8:08:17 AM PST
    Description
    No response received from Network Access Device.
    Resolution Steps
    Check the connectivity between ISE and Network Access Device. Ensure that ISE is defined as Dynamic Authorization Client on Network Access Device and that CoA is supported on device.
    ...next check into Resolution Steps...

  • 5417 Dynamic Authorization failed

    Hi guys,
    Does anyone meet this Radius Error in Cisco ISE 1.2 and the switch 2960 12.2(55)SE7 ?
    When i reauthentication the guest profile to the other profile using Radius CoA on the Self-Service Guest Workflow.
    The error is :
    Event
    5417 Dynamic Authorization failed
    Failure Reason
    11103 RADIUS-Client encountered error during processing flow
    Resolution
    Do the following: 1) Verify shared secret matches on the ISE Server and corresponding AAA Client, External AAA Server or External RADIUS Token Server. 2) Check the AAA Client or External Server for hardware problems. 3) Check the network devices that connect the AAA peer to ISE for hardware problems. 4) Check whether the network device or AAA Client has any known RADIUS compatibility issues.
    Root cause
    RADIUS-Client encountered an error during processing flow
    I checked all the resolution steps but the error sitll exsit.
    I would greatly appreciate any help you can give me in working this problem

    An internal error has been detected during the processing of an incoming RADIUS packet. Make sure that the client device is compatible with AD Agent, has been configured properly, and is functioning properly. Make sure that the same RADIUS shared secret has been properly configured, both in the client device and in AD Agent.
    http://www.cisco.com/c/en/us/td/docs/security/ibf/setup_guide/ad_agent_setup_guide/ibf10_log_msgs.html

  • Dynamic Authorization Failed

    hi
    I keep getting error meesages on the ISE in regards to RADIUS
    the error is
    Dynamic Authorization failed : 1213 No response received from Network Access Device
    i am using ISE version 1.1.1 and the NAD is a WLC running version 7.0.98.0
    i use ISE to authenticate users via PEAP. I deleted the NAD and re-added it twice but i still keep getting this issue. this set up was working fine for the last few weeks.
    i dont think location and device type would cause an issue to authentication under the NAD list
    anyone have any ideas?

    the option i.e drop down box wasnt there. lookin at the compatibility chart of ISE 1.1.1 and WLC, minimum version for WLC is 7.2.103.0
    Do you need to have RADIUS NAC enabled if the ISE is only used to authenticate corporate wireless users against AD. there is no CoA,
    the other function is to use RADIUS as network management logon. to WLC using the AD. depending on the AD group , one could get priv 15 or priv 5 access. i am also using device attribute by location so that remote offices network enigineer cannot log onto the WLC. i.e i created a NAD , put it in a location and use that location AND the AD group to qualify for priv 15 access.
    Coudl this policy interrupt the wireless RADIUS policy? Wireless policy is at the top of the list under authorization tab.

  • Dynamic Authorization Failed: DiconnectNAK

    I have WLC 7.6 and ISE 1.2 Patch 6.
    My use case is WLAN Guest Access with CWA. I have ISE Appliance 3395 (2 Admin/Mon, 2 PSN). Everything work fine so far.
    But from time to time I get these strange message (it does not matter if I do a manual Session termination in the Operations Tab) Everything is configured in the right way, since normal CWA works (CoA is working fine, but not always...).
    Here the corresponding Log-Entry:
    0000001241 2 0 2014-02-28 11:11:37.241 +01:00 0000106595 5417 NOTICE Dynamic-Authorization: Dynamic Authorization failed, ConfigVersionId=53, Device IP Address=a.b.c.d, Device Port=42121, DestinationIPAddress=a.b.c.d, DestinationPort=1700, RadiusPacketType=DisconnectRequest, Protocol=Radius, RequestLatency=3, NetworkDeviceName=xx-WLC01, NAS-IP-Address=172.16.226.26, Calling-Station-ID=1C:AB:A7:96:7B:99, Acct-Session-Id=53105c2a/1c:ab:a7:96:7b:99/336136, Acct-Terminate-Cause=Admin Reset, Event-Timestamp=1393582297, cisco-av-pair=audit-session-id=ac10e21a00052f6953105f07, AcsSessionID=ise-04/182359788/9392, Step=11044, Step=11017, Step=11100, Step=11101, Step=11048, NetworkDeviceGroups=Location#All Locations#xx_VPN, NetworkDeviceGroups=Device Type#All Device Types#Wireless Devices#WLC Foreign, CPMSessionID=ac10e21a00052f6953105f07, EndPointMACAddress=1C-AB-A7-96-7B-99, Location=Location#All Locations#xx_VPN,
    Has anybody ever had the same expirence, or is this a know issue?
    Thanks for feedback!

    Please go through the link below for best practice.
    http://www.redelijkheid.com/blog/2013/4/2/cisco-ise-change-of-authorization-coa-not-working

  • Dynamic Authorization Failed - Posture with Guest Portal - ISE - WLC

    Hello everybody,
    I'm implementing a NAC solution based on Cisco ISE. Unfortunately, I'm facing a problem related to the CoA (Change of Authorization).
    The guest can authenticate successfully via portal and then he is redirected to the page of client provisioning.
    When he is compliant with the policy he gets access without any problem and this means that CoA works perfectly. The issue occurs when he has to remediate (download the file from ISE and install it). In this case, we need a change of authorization profile.
    The authentication logs show that the posture status changed from non-compliant to compliant but the users doesn't obtain access .
    Here are details :
    Authentication Details
    Source Timestamp
    2015-04-30 18:43:13.179
    Received Timestamp
    2015-04-30 18:43:13.18
    Policy Server
    ISE-CISCO
    Event
    5417 Dynamic Authorization failed
    Failure Reason
    11213 No response received from Network Access Device after sending a Dynamic Authorization request
    Resolution
    Check the connectivity between ISE and Network Access Device. Ensure that ISE is defined as Dynamic Authorization Client on Network Access Device and that CoA is supported on device.
    Root cause
    No response received from Network Access Device after sending a Dynamic Authorization request
    Username
    User Type
    Endpoint Id
    E0:9D:31:07:**:**
    Endpoint Profile
    IP Address
    Identity Store
    Identity Group
    Audit Session Id
    ca0019ac00000003ae674255
    Authentication Method
    Authentication Protocol
    Service Type
    Network Device
    WLC-1
    Device Type
    Location
    NAS IP Address
    172.25.0.202
    NAS Port Id
    NAS Port Type
    Authorization Profile
    Posture Status
    Compliant
    Security Group
    Response Time
    15002
    Other Attributes
    ConfigVersionId
    4
    RadiusPacketType
    CoARequest
    Event-Timestamp
    1430415778
    AcsSessionID
    50149c2f-08fb-4f9d-b1b5-f655e71d039f
    StepLatency
    3=15001
    Device IP Address
    172.25.0.202
    CiscoAVPair
    subscriber:command=reauthenticate
    audit-session-id
    ca0019ac00000003ae674255
    Session Events
    2015-04-30 18:43:13.18
    Dynamic Authorization failed
    2015-04-30 18:41:44.159
    Dynamic Authorization failed
    2015-04-30 18:35:42.64
    Guest Authentication Passed
    2015-04-30 18:34:39.214
    RADIUS Accounting start request

    You can use LWA for this . he WLC redirects  the HTTP traffic to an internal or external server where the user is prompted to  authenticate. The WLC then fetches the credentials (sent back via an HTTP GET  request in the case of external server) and makes a RADIUS authentication. In  the case of a guest user, an external server (such as Identity Service Engine  (ISE) or NAC Guest Server (NGS)) is required as the portal provides features  such as device registering and self-provisioning.
    Refer to the following link for  configuration  example
    http://www.cisco.com/en/US/products/ps11640/products_configuration_example09186a0080bead09.shtml

Maybe you are looking for